DCC Configuration Does Not Pick Up Users Client IP Addresses - We Cannot Also Use/Enable IP Validation For Resource WebGate Agent Profile

(Doc ID 1996374.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.2.2.0 version, Authentication Engine


When configuring the DCC tunneling in the OAM environment, as that is by proxying the OAM Server for Credential Collector through a DCC webgate using NAP.
This is done as per having the DCC webgate hostname and port number to be configured for the OAM Server aka,

In OAM Console: Launch Pad -> Configuration -> Access Manager Settings -> Load Balancing ==> and changes made for the OAM Server Host/Port to point to the DCC webgate (for example: DCC on OHS Server Host and Port info):

With this configuration in place, we can see and observe the following two issues:


1) Issue#1: "DCC DOES NOT PICK UP THE USERS CLIENT IP ADDESSES"
================================================================
To test and verify this:

 - please start or use a separate client web browser
 - then request the RWG#1 agent protected resource page as for example:
   http://<OHS_RWG1_Host>:<OHS_RWG1_Port>/
 - login with any test User Id
 - user is authenticated successfully and OHS protected resource is displayed
 - BUT, from OAM Console, Session Management, you will see the issue for "Client IP Address" is being set with empty/null value.


2)Issue#2: "UNABLE TO USE IP VALIDATION FOR A GIVEN RWG"
=========================================================
To test and verify this:

 - Have a RWG agent configured and registered in the OAM Server
 - Make sure this RWG#2 agent profile is configured to Enable check box for "IP Validation"
 - Please Open another clean browser session, and access to this RWG#2 protected resource page as for example:
   http://<OHS_RWG2_Host>:<OHS_RWG2_Port>/
 - login with any test User Id
 - you got the error as that page is not served. You might see a result page as with following error: (Tested with a FireFox browser):
   <<<
      The page isn't redirecting properly
      Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
      ...
   >>>

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms